PT-2026-42411 · Netatalk · Netatalk

Arjun Basnet

·

Published

2026-05-21

·

Updated

2026-05-21

·

CVE-2026-44054

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Netatalk versions 2.0.0 through 4.4.2
Description Netatalk generates AFP session tokens derived from predictable process IDs. This allows a remote authenticated attacker to cause a denial of service by exploiting the reconnect mechanism.
Recommendations Update to version 4.4.3.

Fix

Use of Insufficiently Random Values

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44054

Affected Products

Netatalk